The Content-Centric Networking (CCN) paradigm introduces a novel communication model where any node in the network can implement caching functionalities to directly serve incoming content requests. However, such a radical change in the protocol stack poses new security challenges since the content producer loses control over the data he provides to the network. Our contribution is to propose ConfTrack-CCN, an efficient encryption-based extension to the CCN proposal, designed to enforce confidential data dissemination, trackable content access and seamless support of policy evolution. ConfTrack-CCN jointly enforces all these three requirements by protecting the data with two layers of encryption, the latter of which evolves to reflect access privilege updates. A forced consumer-producer interaction makes consumers fetch keying materials, while sending back logging data on the accessed objects. To evaluate the traffic reduction that ConfTrack-CCN can guarantee, we perform thorough simulation campaigns with real network topologies, and we further study the computational overhead introduced by the encryption primitives we use to secure the communication. The results clearly show that, on average, ConfTrack-CCN ensures a 20% higher hit-rate than other security schemes, while introducing a negligible computational overhead.

(2015). A cache-aware mechanism to enforce confidentiality, trackability and access policy evolution in Content-Centric Networks [journal article - articolo]. In COMPUTER NETWORKS. Retrieved from http://hdl.handle.net/10446/58023

A cache-aware mechanism to enforce confidentiality, trackability and access policy evolution in Content-Centric Networks

MANGILI, MICHELE;MARTIGNON, Fabio;PARABOSCHI, Stefano
2015-01-01

Abstract

The Content-Centric Networking (CCN) paradigm introduces a novel communication model where any node in the network can implement caching functionalities to directly serve incoming content requests. However, such a radical change in the protocol stack poses new security challenges since the content producer loses control over the data he provides to the network. Our contribution is to propose ConfTrack-CCN, an efficient encryption-based extension to the CCN proposal, designed to enforce confidential data dissemination, trackable content access and seamless support of policy evolution. ConfTrack-CCN jointly enforces all these three requirements by protecting the data with two layers of encryption, the latter of which evolves to reflect access privilege updates. A forced consumer-producer interaction makes consumers fetch keying materials, while sending back logging data on the accessed objects. To evaluate the traffic reduction that ConfTrack-CCN can guarantee, we perform thorough simulation campaigns with real network topologies, and we further study the computational overhead introduced by the encryption primitives we use to secure the communication. The results clearly show that, on average, ConfTrack-CCN ensures a 20% higher hit-rate than other security schemes, while introducing a negligible computational overhead.
articolo
gen-2015
Mangili, Michele; Martignon, Fabio; Paraboschi, Stefano
(2015). A cache-aware mechanism to enforce confidentiality, trackability and access policy evolution in Content-Centric Networks [journal article - articolo]. In COMPUTER NETWORKS. Retrieved from http://hdl.handle.net/10446/58023
File allegato/i alla scheda:
File Dimensione del file Formato  
compNet_2015.pdf

Solo gestori di archivio

Versione: publisher's version - versione editoriale
Licenza: Licenza default Aisberg
Dimensione del file 1.73 MB
Formato Adobe PDF
1.73 MB Adobe PDF   Visualizza/Apri
58023 Paraboschi.pdf

Open Access dal 18/11/2016

Versione: postprint - versione referata/accettata senza referaggio
Licenza: Creative commons
Dimensione del file 2.18 MB
Formato Adobe PDF
2.18 MB Adobe PDF Visualizza/Apri
Pubblicazioni consigliate

Aisberg ©2008 Servizi bibliotecari, Università degli studi di Bergamo | Terms of use/Condizioni di utilizzo

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/10446/58023
Citazioni
  • Scopus 26
  • ???jsp.display-item.citation.isi??? 24
social impact